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REMARKS 

Claims 1 to 9, 12, 15, 18 and 19 were pending in the 
application at the time of the advisory action. Claims 1 to 9, 
12, 15, 18 and 19 remain rejected as anticipated. 

A review of the drawings indicated that Fig. 12 includes 
two instances of reference numeral 124 0; Fig. 17 includes two 
instances of reference numeral 172 0; and Fig. 24 includes two 
instances of reference numeral 2420. Applicants have amended 
the specification so that the "end with failure" element in 
Fig. 12 has reference numeral 1245; "user data 10" element in 
Fig. 17 has reference numeral 1721; and "user data 10" element 
in Fig. 24 has reference numeral 2421. These amendments add 
clarity by giving each distinct element in the drawings a 
distinct reference numeral and so do not add new matter. 
Applicants are obtaining corrected drawings and will submit 
replacement sheets under separate cover when the corrected 
drawings are received. 

Claims 1 to 9, 12, 15, and 18 stand rejected under 35 
U.S.C. § 102(b) as being anticipated by U.S. Patent Application 
Publication No. 2002/0120864, hereinafter referred to as Wu. 
With respect to Claims 1, 4 and 7, the rejection stated, in 
part : 
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. . . Wu et al . discloses a method, program and apparatus 
for managing identification in a data communications 
network comprising a portable user-controlled secure 
storage device(i.e., repository server system) which is 
used to store user data and provide user interface control 
to the user when a request is made to perform services 
with the Web. (See page 4, Section 0042), enrolling user 
of the user-controlled secure storage device with an 
authority network site, providing information requested, 
storing the data, enabling the portable user-controlled 
secure storage device to release user data and using the 
user data, from the portable user-controlled secure 
storage device at a service provider network site to 
obtain a service. (See page 4, Sections 0040-042) 
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Applicants respectfully traverse the anticipation 
rejection of each of Claims 1, 4 and 7. The rejection is 
simply Applicants 1 claim language paraphrased. The comments in 
the prior response as to why Wu fails to anticipate Applicants' 
claims have not been rebutted and so the Office has admitted 
that the remarks are correct. Accordingly, a notice of 
allowance should be issued. The MPEP and the courts require 
that the Office address the remarks. 

Yet again, Applicants point out that for an anticipation 
rejection, the MPEP requires: 

U A claim is anticipated only if each and every 
element as set forth in the claim is found, either 
expressly or inherently described, in a single prior art 

reference." "The identical invention must be 

shown in as complete detail as is contained in the . • . 
claim," (Emphasis Added.) 



MPEP § 2131, 8th Ed., Rev. 5, p. 2100-67 (August 2006). 

The statements in the rejection paraphrase Applicants 1 
claim language and are not a teaching in Wu. Paragraphs 4 0 to 
42 of Wu taught: 
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[0040] As generally illustrated in FIG. 1, the environment 
preferably addressed by the present invention includes a 
typically public-use communications network 12, such as 
the Internet, that permits a user of a client system 14 to 
conduct information transactions over the network 12 with 
any of the partner site servers 16, 18, 20 and an 
information server system 22. The partner site servers 16, 
18, 2 0 represent any network accessible computer systems 
that provide or require a login identification by the 
user, that request form-entry type information, or that 
may submit information, such as receipts, on behalf of a 
user to the information server system 22. The partner site 
servers 16, 18, 20 may be electronic commerce sites, where 
the user is allowed to order or purchase goods or 
services. Site-specific Web page forms are presented to 
the user to obtain identifying information, such as a 
login name and password, and other transaction-specific 
information prior to completing a user transaction. 
Electronic receipts and receipt -type data, generated in 
connection with an ecommerce transaction or independently 
generated and supplied, such as in the case of warranty 
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and product registration, and purchase incentive coupons, 
are preferably received from partner sites. 

[0041] In accordance with the present invention, the 
partner site servers 16, 18, 20, present an additional 
user-interface (UI) control, such as a clickable button, 
on Web pages to allow a user to initiate the retrieval of 
confidential user-information desired to complete a 
specific data-entry form. The UI control may also be used 
to initiate or cause the submission of receipts or 
receipt -type data for storage with the information server 
system for the benefit of the user. Other controls, such 
as check-boxes, selection lists, and radio buttons, as 
well as pre-set site and user-specific site configuration 
options, can be used as alternative interface controls. 

[0042] In the case of a Web page form, the user activation 
of a user- interface control, either directly as through a 
button click or indirectly through the triggering of a 
pre-set, a request is issued, preferably using an HTTP Get 
command or alternately a Post command, on behalf of the 
corresponding partner site server 16, 18, 20 destined for 
an information server system 22 that includes a processor 
system 24 that manages and controls access to an 
information repository 26. When received, the request 
contains or is accompanied by sufficient information to 
authenticate the partner site server 16, 18, 20 and the 
client system 14 to the information server system 22. The 
request also identifies the information needed to complete 
the partner site form presented to the user. This 
identification of the information requested can be an 
explicit coded listing of the requested information. 
Alternately, the identifier is an indirect reference, 
which is processable by the information server system 22, 
to obtain a corresponding list of the requested 
information. Preferably, the identifier is constructed as 
a hybrid, containing explicit data field references for 
handling dynamic data requirements and a storage reference 
for data field references that are well anticipated or 
static. Using the hybrid specification of data references 
allows the dynamic or run-time complementing and 
overriding of the static set of data field references. 
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This section does not teach or even suggest "a repository 
server system" that was used in the rejection without citation. 
Instead, Wu stated "an information server system 22 that 
includes a processor system 24 that manages and controls access 
to an information repository 26." 
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There is no teaching that the information server system is 
user-controlled and there is no teaching that either the 
information server system or the repository is portable. 
Therefore, Wu fails to teach a "portable user-controlled secure 
storage device." 

The rejection has failed to cite any teaching that either 
the repository or the information server system could even be 
implemented on a portable user-controlled secure storage 
device. Further, the rejection has failed to cite any teaching 
of "receiving a portable user-controlled secure storage 
device." Receiving a request from a user teaches nothing 
concerning any type of device let alone the specific device 
recited in these claims. Only one of these differences is 
needed to overcome the anticipation rejection. Applicants 
respectfully request reconsideration and withdrawal of the 
anticipation rejection of Claim 1. 

Claim 4 is a program storage device corresponding to 
method Claim 1 and thus includes substantially the same 
distinctive feature as Claim 1. Claim 7 is a means-plus- 
function Claim corresponding to method Claim 1 and thus 
includes substantially the same distinctive feature as Claim 1. 
Accordingly, the above comments with respect to Claim 1 are 
incorporated herein by reference for Claims 4 and 7. 
Applicants request reconsideration and withdrawal of the 
obviousness rejection of each of Claims 4 and 7. 

With respect to Claims 2, 5 and 8, the rejection stated, 
in part : 



GUNNISON. McKAY & 

HODGSON. LLP. 
Garden West Office Plaza 
1 900 Garden Road. Suite 220 
Monterey. CA 93940 

(831)655-0880 
Fax (831) 655-0888 



. . . Wu et al . discloses a method, program and apparatus 
for managing identification in a data communications 
network comprising receiving a portable user-controlled 
secure storage device, enrolling user of the portable 
user-controlled secure storage device with authority 
network site, providing information requested, receiving 
the data in two portion comprising a cryptogram computed 
based on the second portion (i.e. means for encryption by 
using a encrypted-key token which gives the user control 
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to access a device on the Web (See page 3, Section 0027 
and page 4, Section 0044), storing the data, enabling the 
user-controlled secure storage device to release user 
data, and using the user data at a service provider 
network site to obtain a service. (See page 4, Sections 
0044-0045) 

Applicants respectfully traverse the anticipation 
rejection of Claim 2. Applicants respectfully notes that 
Claim 2 does not recite that the user data comprises simply a 
first portion and a second portion as was rejected, but rather 
recites a specification relation ship between the two parts, 
"said first portion comprising a cryptogram computed based on 
said second portion ." As previously pointed out and not 
rebutted in the instant action: 

. . . Claim 2 recites that the user data is received in 
response to enrolling. Paragraph [0027] does not describe 
any enrollment process. In addition, the user data in 
Claim 2 has two portions and a specific relationship 
between the two portions is defined. Paragraph [002 7] 
does not describe such data. 



Paragraph [0044] of Wu stated: 

[0044] To operate within the preferred embodiments of 
the present invention, the user is required to initially 
establish a user-account on the information server system 
22. In establishing this account, the user is allowed to 
select or is assigned a unique user-identifier, such as a 
username and password . This identifier, potentially 
further based on an encrypted key token, is used to 
subsequently identify the user to a partner server system 
16, 18, 20 that has established a partner-account with the 
information server system 22 . (Emphasis added) 
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Thus, Wu taught "a unique user-identifier, such as a 
username and password." However, Wu did not teach that the 
username was a cryptogram computed based on the password or 
alternatively that the password was a cryptogram computed based 
on the username. Wu not only did not teach the invention in 
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the same level of detail, but also taught away by stating that 
a third entity "an encrypted key token" was used. 

The above comments with respect to Claim 1 are also 
applicable to Claim 2 and are incorporated herein by reference. 
The two sections of Wu fail to suggest the operations recited 
in Claim 2, let alone show "The identical invention . . . in as 
complete detail as is contained in the . . . claim, " as required 
by the MPEP for an anticipation rejection. The rejection 
failed to cite teachings at the same level of detail not only 
of the operations associated with the portable user-controlled 
secure storage device, but also of the specific relationship of 
the user data. Applicants respectfully request reconsideration 
and withdrawal of the anticipation rejection of Claim 2. 

Claim 5 is a program storage device corresponding to 
method Claim 2 and thus includes substantially the same 
distinctive feature as Claim 2. Claim 8 is a means-plus- 
function Claim corresponding to method Claim 2 and thus 
includes substantially the same distinctive feature as Claim 2. 
Accordingly, the above comments with respect to Claim 2 are 
incorporated herein by reference for Claims 5 and 8. 
Applicants request reconsideration and withdrawal of the 
obviousness rejection of each of Claims 5 and 8. 

With respect to Claims 3, 6 and 9, the rejection stated, 
in part : 
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. . . Wu et al . discloses a method, program and apparatus 
for managing identification in a data communications 
network presenting an identity credential request and data 
to be stored to a federated identity server via a client 
host, receiving an identity credential in response to 
randomized ID and receiving a logon credential in response 
to the service request (See pages 5-6, Section 0047 and 
Sections 0053-0054) Wu et al . further discloses an 
identity credential in response to randomized ID by 
allowing the user to securely pass information as 
authentication credentials to the service provider to 
authenticate the user, wherein the user-identity becomes 
validated (See page 3, Section 0027) 
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Applicants respectfully traverse the anticipation rejection of 
Claim 3. The rejection is a combination of the final rejection 
and the advisory action. The rejection has yet to refute or 
explain why Applicants' remarks in the response to the final 
office action and the in the RCE filing are incorrect and so 
basically stand admitted as correct by the Office. As noted 
previously, 



Claim 3 first recites: 



presenting an identity credential request and data to 
be stored to a federated identity server via a client 
host 



Thus, two elements are presented to the federated identity 
server, a request and data to be stored. None of the 
rejections nor the advisory action identifies what is 
considered to be the data to be stored. Further, the 
claim continues: 



receiving an identity credential in response to said 
identity credential request, said identity credential 
comprising a randomized ID and an identification 
authority ID, said federated identity server capable 
of verifying the truthfulness, accuracy and 
completeness of said data to be stored (Emphasis 
Added) 



The rejection has not cited any teaching of presenting the 
combination of elements or of any server having the 
capability recited in the Claim. Paragraph [0027] , as 
quoted above, does not mention storage of data or 
verifying the truthfulness, accuracy and completeness of 
the data to be stored. The MPEP requires that Wu teach 
each of these three elements in the same level of detail 
as recited in the Claim. 
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Further, while Wu does state that the user can submit 
and store personal information in Paragraph [0045] , there 
is no teaching that the server is " capable of verifying 
the truthfulness, accuracy and completeness of said data 
to be stored. " 
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When specific deficiencies of the reference are 
identified, simply restating the prior rejections does not 
refute the remarks. The instant rejection still failed to show 
how Wu taught the recited elements. The MPEP, as quoted above 
is unambiguous, Wu must teach the invention to the same level 
of detail as recited in the claims. Since a server has yet to 
be identified that includes the elements in the same level of 
detail as recited in Claim 3, Wu fails to satisfy the 
requirements of the MPEP, as quoted above. Thus, the 
anticipation rejection of Claim 3 is still defective for 
multiple reasons. Applicants respectfully request 
reconsideration and withdrawal of the anticipation rejection of 
Claim 3 . 

Claim 6 is a program storage device corresponding to 
method Claim 3 and thus includes substantially the same 
distinctive feature as Claim 3. Claim 9 is a means-plus- 
function Claim corresponding to method Claim 3 and thus 
includes substantially the same distinctive feature as Claim 3. 
Accordingly, the above comments with respect to Claim 3 are 
incorporated herein by reference for Claims 6 and 9 . 
Applicants request reconsideration and withdrawal of the 
obviousness rejection of each of Claims 6 and 9. 

With respect to Claims 12, 15, and 18, the rejection 
stated, in part : 
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. . . Wu et al . discloses a method for protecting privacy 
on a data communications network, storing user logon 
information for at least one service provider on a 
portable user-controlled secure device(i.e., repository 
server system) which is used to store user data and 
provide user interface control to the user when a request 
is made to perform services with the Web. (See page 4, 
Section 0042) , the least one service provider server 
comprising at least one network server providing a service 
to a user, and logging on the device, and logging on 
providing access to the least one service provider server. 
(See pages 7-8, Sections 0065-0068) 
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Applicants respectfully traverse the anticipation 
rejection of Claim 12. The above comments with respect to 
Claim 1 concerning a portable user-controlled secure device are 
applicable to Claim 12 and so will not be repeated but 
incorporated herein by reference. Applicants respectfully 
request reconsideration and withdrawal of the anticipation 
rejection of Claim 12. 

Claim 15 is a program storage device corresponding to 
method Claim 12 and thus includes substantially the same 
distinctive feature as Claim 12. Claim 18 is a means-plus- 
function Claim corresponding to method Claim 12 and thus 
includes substantially the same distinctive feature as 
Claim 12. Accordingly, the above comments with respect to 
Claim 12 are incorporated herein by reference for Claims 15 and 

18. Applicants request reconsideration and withdrawal of the 
obviousness rejection of each of Claims 15 and 18. 

Claim 19 is rejected under 35 U.S.C. 102(b) as being 
anticipated by Ming-Chuan Wu et al . , "Encoded Bitmap Indexing 
for Data Warehouses, " hereinafter referred to as Wu. The 
rejection stated in part: 

. . . a data structure stored in the memory, the data 
structure including a bit-mapped in the field determined 
by whether the user is a member of a group associated with 
the bit, the mapping for between bits in the field and 
membership in a group maintained by an aggregation 
authority. (See Abstract, page 220, and Section 2.1) 

The Advisory Action did not address the rejection of Claim 

19, and this rejection is simply a repeat of the rejection in 
the final office action. Applicants remarks have yet to be 
addressed. Accordingly, Applicants respectfully traverse the 
anticipation rejection of Claim 19. As stated previously: 
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Applicant expressly traversed this rejection and the 
traverse was not even acknowledged in the final office 
action. Accordingly, the final office action is 
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incomplete and should be withdrawn. Moreover, since the 
comments were not rebutted, it is an admission that 
Applicants 1 remarks were correct and so this claim should 
have been allowed. 

Again, based upon the above quotation from the MPEP, 
the requirement for a reference is not that the reference 
teach some general abstract concept related to the 
invention, but rather the reference must show "The 
identical invention in as complete detail as is contained 
in the . . . claim. " 

Wu describes generally the concept of using "simple 
bitmap indexing and the application domain for which it is 
ideally suited." The application domain is defined by 
abstract mathematical concepts and is not related by Wu to 
"membership in a group." Further, the rejection cited no 
teaching of "the mapping for between bits in said field 
and membership in a group maintained by an aggregation 
authority," but simply paraphrased the claim language. 
Accordingly, the rejection failed to meet the criteria 
required by the MPEP for an anticipation rejection. 
Applicants request reconsideration and withdrawal of the 
anticipation rejection of Claim 19. 

Since the Office has failed to rebut Applicants' remarks, 
the Office again has allowed them to stand as correct and so 
Claim 19 should be allowed. 

Claims 1 to 9, 12, 15, 18 and 19 remain in the 
application. Claims 10, 11, 13, 14, 16 and 17 were previously 
cancelled. For the foregoing reasons, Applicant (s) 
respectfully request allowance of all pending claims. If the 
Examiner has any questions relating to the above, the Examiner 
is respectfully requested to telephone the undersigned Attorney 
for Applicant (s) . 
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